The Washington Post reported that Flame was developed and deployed by the US and Israeli governments, along with Stuxnet and Duqu, to slow Iranian nuclear weapon development. This was suspected due to the sophisticated collision attack and the common code with Stuxnet. It still is troubling that this reporting of what everyone thinks happened is attributed only to “several U.S. and Western officials who spoke on the condition of anonymity”. There is nothing new in the article except for the claim of attribution. Any reporter could have written this without anything beyond speculation from a few DC sources. At least Confront and Conceal had detailed conversations, code names and events. The attribution is likely correct, but it is hard to trust the story given no evidence or statements on the record.

Interesting irony that the exploit framework Metasploit had a vulnerability. Rapid 7 disclosed it and quickly issued a security patch. It’s really not that hard to figure out if you are a vendor. Have a strong security development lifecycle (SDL) and fix problems when they arise.

Critical Intelligence provides reports and other information products on Cyber Situational Awareness and Threat Intelligence services for Industrial Control System Owner/Operators, Vendors and Government stakeholders.